Tyler-R-Kendrick/azure-compliance
.agents/skills/azure-compliance/SKILL.md
Comprehensive Azure compliance and security auditing capabilities including best practices assessment, Key Vault expiration monitoring, and resource configuration validation. USE FOR: compliance scan, security audit, azqr, Azure best practices, Key Vault expiration check, compliance assessment, resource review, configuration validation, expired certificates, expiring secrets, orphaned resources, policy compliance, security posture evaluation. DO NOT USE FOR: deploying resources (use azure-deploy), cost analysis alone (use azure-cost-optimization), active security hardening (use azure-security-hardening), general Azure Advisor queries (use azure-observability).
$ install --global
skillsauthnpx skillsauth add Tyler-R-Kendrick/agent-skills azure-complianceInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 15, 2026, 10:50 PM110.7s5 files scanned
SKILL.md
- name:
- azure-compliance
- description:
- |
- USE FOR:
- compliance scan, security audit, azqr, Azure best practices, Key Vault expiration check,
- DO NOT USE FOR:
- deploying resources (use azure-deploy), cost analysis alone (use azure-cost-optimization),
Azure Compliance & Security Auditing
Triggers
Activate this skill when user wants to:
- Check Azure compliance or best practices
- Assess Azure resources for configuration issues
- Run azqr or Azure Quick Review
- Identify orphaned or misconfigured resources
- Review Azure security posture
- "Show me expired certificates/keys/secrets in my Key Vault"
- "Check what's expiring in the next 30 days"
- "Audit my Key Vault for compliance"
- "Find secrets without expiration dates"
- "Check certificate expiration dates"
Assessments
| Assessment | Reference | |------------|-----------| | Comprehensive Compliance (azqr) | references/azure-quick-review.md | | Key Vault Expiration | references/azure-keyvault-expiration-audit.md |
MCP Tools
| Tool | Purpose |
|------|---------|
| mcp_azure_mcp_extension_azqr | Run azqr compliance scans |
| mcp_azure_mcp_subscription_list | List available subscriptions |
| mcp_azure_mcp_group_list | List resource groups |
| keyvault_key_list | List all keys in vault |
| keyvault_key_get | Get key details including expiration |
| keyvault_secret_list | List all secrets in vault |
| keyvault_secret_get | Get secret details including expiration |
| keyvault_certificate_list | List all certificates in vault |
| keyvault_certificate_get | Get certificate details including expiration |
Related Skills
Tyler-R-Kendrick/design-system
tools
VerifiedTrustedCommunity
Use when building or maintaining a design system — the coordinated set of design tokens, component libraries, documentation, and tooling that ensures visual and behavioral consistency across products. USE FOR: design system architecture, choosing token formats vs component frameworks, connecting Figma to code, design-to-development workflows, multi-platform consistency DO NOT USE FOR: specific token authoring (use design-tokens), Figma workflows (use figma), component cataloging (use storybook), token transformation (use style-dictionary), cross-framework components (use mitosis)
10SKILL.mdUpdated Jun 10, 2026
Tyler-R-Kendrick/x402
tools
VerifiedTrustedCommunity
Use when implementing the x402 protocol for HTTP-native micropayments. Covers server middleware, client payment flows, facilitator integration, and stablecoin payments for APIs and AI agents. USE FOR: API micropayments, monetizing endpoints, stablecoin HTTP payments, automated agent payments for API access DO NOT USE FOR: full commerce flows with cart/checkout (use ap2), agent communication (use a2a), tool integration (use mcp)
10SKILL.mdUpdated Jun 10, 2026
Tyler-R-Kendrick/mcp
tools
VerifiedTrustedCommunity
Use when implementing or integrating with the Model Context Protocol (MCP) for AI tool servers, resources, prompts, and context management. USE FOR: building MCP tool servers, exposing resources to agents, prompt templates, connecting agents to external APIs DO NOT USE FOR: agent-to-agent communication (use a2a), interactive UI rendering (use mcp-apps), agent payments (use x402 or ap2)
10SKILL.mdUpdated Jun 10, 2026
Tyler-R-Kendrick/mcp-apps
tools
VerifiedTrustedCommunity
Use when building MCP Apps that serve interactive UI from MCP servers. Covers the ui:// URI scheme, HTML rendering in sandboxed iframes, and bidirectional communication between UI and host. USE FOR: rich UI in agent conversations, interactive dashboards from MCP servers, sandboxed iframe rendering DO NOT USE FOR: basic tool responses without UI (use mcp), agent communication (use a2a), full web applications
10SKILL.mdUpdated Jun 10, 2026